Intrusion Detection Response
Linux Security brings us:
Intrusion Detection Response.
"In this paper we will look at IDS-triggered countermeasures, what are
they, how they can be triggered and when they should not be
triggered. Lets first assume we have an IDS that looks at traffic
passing through the wire (see Picture 1). That corresponds to the
majority of deployed IDS. What actions can thus deployed IDS invoke?
First, it can send an alert that can be handled by outside programs to
accomplish pretty much any action. Seconds, IDS itself can try to
influence the traffic that passes by."
(Submitted by Noel Fri Apr 26, 2002 )
Our content can be syndicated: Main page Mac Page
Copyright 1999-2005 Noel Davis. Noel also runs web sites about sailing and kayaking.
All trademarks are the property of their owners.
All articles are owned by their author